Forum :: Lounge :: Aureus Online DDOS attack

Plasmastar posted: (15th Nov 2012, 03:46 pm)

You all should know, that firewalls do very little to thwart actual bandwidth based attacks. The traffic still has to get to the firewall for it to block it, hence doing it's job by still using your bandwidth...

Hence "blocking UDP" is ridiculous advice. P.S. If you block all UDP, you no longer give out ping replies.

"ping" is a feature of ICMP, derp-ass (and sure as hell not a vital network service, anyway). Blocking UDP, though, will most notably block DNS and DHCP traffic, which will likely make your Internets seriously less fun to use, and impossible to use if you're behind NAT.

A network attack could conceivably overheat a crappy switch/router/firewall to the point of damaging it since the patterns in a DoS attack are fairly different from heavy streaming (a firewall might be thrashing its processor much harder than usual checking 1000s of connections per second against rulesets), and you may not be talking a home user's equipment (an unprepared core Internet router suddenly getting 100s of gigabits per second that it normally doesn't handle, on a really hot day, racked in a stupid position...).

Sausage posted: (15th Nov 2012, 04:46 pm)

Plasmastar posted: (15th Nov 2012, 03:46 pm)

You all should know, that firewalls do very little to thwart actual bandwidth based attacks. The traffic still has to get to the firewall for it to block it, hence doing it's job by still using your bandwidth...

Hence "blocking UDP" is ridiculous advice. P.S. If you block all UDP, you no longer give out ping replies.

"ping" is a feature of ICMP, derp-ass (and sure as hell not a vital network service, anyway). Blocking UDP, though, will most notably block DNS and DHCP traffic, which will likely make your Internets seriously less fun to use, and impossible to use if you're behind NAT.

A network attack could conceivably overheat a crappy switch/router/firewall to the point of damaging it since the patterns in a DoS attack are fairly different from heavy streaming (a firewall might be thrashing its processor much harder than usual checking 1000s of connections per second against rulesets), and you may not be talking a home user's equipment (an unprepared core Internet router suddenly getting 100s of gigabits per second that it normally doesn't handle, on a really hot day, racked in a stupid position...).

The hardware equipment would have to be turned on long enough to even get fried, and i seriously doubt the computer would overheat a processor it's not like the attack is playing with the hardware fans causing it to overheat and fry..

It may put more stress on the CPU but probably not much cause soon as the router gets fried the computer has nothing to do with it.

---
https://www.fallen-evolution.com
https://www.fallen-evolution.com/discord
https://eosource.net

elevations posted: (15th Nov 2012, 04:31 pm)

Plasmastar posted: (15th Nov 2012, 03:46 pm)

You all should know, that firewalls do very little to thwart actual bandwidth based attacks. The traffic still has to get to the firewall for it to block it, hence doing it's job by still using your bandwidth...

Hence "blocking UDP" is ridiculous advice. P.S. If you block all UDP, you no longer give out ping replies.

Correction Software "firewalls" do little you are not being specific enough.

I am mainly talking about hardware firewalls, big expensive equipment to stop/negate/filter/null route ddos attacks.

That may be true, but keep in mind that all these "DDoS Protection" companies have outrageous bandwidth to play with, and that's where most of their protection comes from. They filter all the crap out before it ever reaches your services.

@Sausage: My bad, I woke up early and wrote that crap. But in my defense, like Elevations says, blocking UDP via software still doesn't do much, as it's still got to be read/filtered.

---
Wish upon a star!

Plasmastar posted: (15th Nov 2012, 06:48 pm)

elevations posted: (15th Nov 2012, 04:31 pm)

Plasmastar posted: (15th Nov 2012, 03:46 pm)

You all should know, that firewalls do very little to thwart actual bandwidth based attacks. The traffic still has to get to the firewall for it to block it, hence doing it's job by still using your bandwidth...

Hence "blocking UDP" is ridiculous advice. P.S. If you block all UDP, you no longer give out ping replies.

Correction Software "firewalls" do little you are not being specific enough.

I am mainly talking about hardware firewalls, big expensive equipment to stop/negate/filter/null route ddos attacks.

That may be true, but keep in mind that all these "DDoS Protection" companies have outrageous bandwidth to play with, and that's where most of their protection comes from. They filter all the crap out before it ever reaches your services.

@Sausage: My bad, I woke up early and wrote that crap. But in my defense, like Elevations says, blocking UDP via software still doesn't do much, as it's still got to be read/filtered.

That explains why it takes so long to connect to FE.

Hollows posted: (15th Nov 2012, 06:57 pm)

Plasmastar posted: (15th Nov 2012, 06:48 pm)

elevations posted: (15th Nov 2012, 04:31 pm)

Plasmastar posted: (15th Nov 2012, 03:46 pm)

You all should know, that firewalls do very little to thwart actual bandwidth based attacks. The traffic still has to get to the firewall for it to block it, hence doing it's job by still using your bandwidth...

Hence "blocking UDP" is ridiculous advice. P.S. If you block all UDP, you no longer give out ping replies.

Correction Software "firewalls" do little you are not being specific enough.

I am mainly talking about hardware firewalls, big expensive equipment to stop/negate/filter/null route ddos attacks.

That may be true, but keep in mind that all these "DDoS Protection" companies have outrageous bandwidth to play with, and that's where most of their protection comes from. They filter all the crap out before it ever reaches your services.

@Sausage: My bad, I woke up early and wrote that crap. But in my defense, like Elevations says, blocking UDP via software still doesn't do much, as it's still got to be read/filtered.

That explains why it takes so long to connect to FE.

Haha, were we making a joke?

---
Wish upon a star!

Well, the new VPS is up and running. If you have the new version downloaded, please change your IP to 198.148.92.112

---
申し訳ありません~~

If you don't like it, delete your server. If you don't want to, FACE it.

Huh what face?

mrballin posted: (16th Nov 2012, 01:42 am)

If you don't like it, delete your server. If you don't want to, FACE it.

Hardy Har Har I'm mrballin all lower case cuz i dun kn0wz zsjisahias to capzzzsaas on my namezzz I betz I can luernz to ddosz lulsasa im funneh...  faggot be gone.

---
( ͡° ͜ʖ ͡°)CTronic.org 
I'm Nutso. Keep your fingers out of my butthole.

mrballin posted: (16th Nov 2012, 01:42 am)

If you don't like it, delete your server. If you don't want to, FACE it.

---
...

Not that again.....

Uh oh, we got a bad ass over here.

---
Wish upon a star!

Who? I'm confused 0_e

mrballin posted: (16th Nov 2012, 01:42 am)

If you don't like it, delete your server. If you don't want to, FACE it.

---
CN:BH 4 lyfe

Look how me and Haze get +1's for our spam off topic attacks at some one who is "hated".. Just reminds me of the Karma topic @Plasma..

smh. Me/haze/jimmy/plasma all should of got at least 1 - for our posts..

---
( ͡° ͜ʖ ͡°)CTronic.org 
I'm Nutso. Keep your fingers out of my butthole.